I'm trying to use the user token (gcloud auth print-access-token) to leverage getting logs using #google-cloud/logging.
Basic code snippet:
import { GetEntriesResponse, Logging } from "#google-cloud/logging";
export async function readLogsAsync() {
const logging = new Logging();
const [entries, _, response]: GetEntriesResponse = await logging.getEntries({
filter: 'resource.type="k8s_container"',
resourceNames: 'projects/acme',
autoPaginate: false,
pageSize: 100
});
console.log(entries.length, response.nextPageToken)
}
Similar call in http works with the user token, so I'm assuming there must be some way to communicate it with the node.js api, but I couldn't find an example or documentation.
curl --location --request POST 'https://logging.googleapis.com/v2/entries:list?alt=json' \
--header "Authorization: Bearer $(gcloud auth print-access-token)" \
--header 'Content-Type: application/json' \
--data-raw '{
"filter": "resource.type=\"k8s_container\"",
"orderBy": "timestamp desc",
"pageSize": 100,
"resourceNames": [
"projects/amce"
]
}'
You're not authenticating the code.
Google's libraries support a mechanism called Application Default Credentials (ADC).
ADC makes it easy to authenticate code deployed to Google Cloud Platform and when running locally. To run locally, you will need to export GOOGLE_APPLICATION_CREDENTIALS with the path to a Service Account key.
As #guillaume-blaquiere comments, you can effect this behavior using gcloud auth application-default but it is better to use a Service Account.
Related
We have a container-based service running in AWS ECS with the front end hosted by AWS Cloudfront, and authorization handled by AWS Cognito. I'm trying to configure Wiremock to be a proxy for this service so I can record the calls and mappings to later use in unit tests for a client app I'm writing in python.
I'm running the Wiremock server in standalone mode, and have it proxying to calls to the url of our service. However, Cloudfront keeps returning either a 403-Bad Request error or 403-Forbidden error when I connect via Wiremock.
When I use curl, and pass all the correct headers (Content-Type: application/json, Authentication: Bearer ) it works just fine when I use https://myservice.example.com/api/foo. But as soon as I swap out "myservice.example.com" for "localhost:8000", I get the Cloudfront generated errors.
I'm guessing I have some mis-configuration where, despite passing the headers to Wiremock, I haven't properly told Wiremock to pass those headers on to "the service", which is really Cloudfront.
Not being a Java guy, I'm finding the Wiremock docs a little difficult to understand, and am trying to use the command-line arguments to configure Wiremock like this:
/usr/bin/java -jar \
./wiremock-jre8-standalone-2.35.0.jar \
--port=8000 \
--verbose \
--root-dir=test_data/wiremock \
--enable-browser-proxying \
--preserve-host-header \
--print-all-network-traffic \
--record-mappings \
--trust-proxy-target=https://myservice.example.com \
--proxy-all=https://myservice.example.com
Request:
$ curl -k -X GET -H "Content-Type: application/json" \
-H "Authorization: Bearer ${JWT}" \
http://127.0.0.1:8000/api/foo
Response:
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>CloudFront</center>
</body>
</html>
When using exactly the same curl command, but changing the URL to point directly at my service instead of the proxy, I get the response I expected (hoped for?) through the proxy:
curl -k -X GET -H "Content-Type: application/json" \
-H "Authorization: Bearer ${JWT}" \
https://myservice.example.com/api/foo
[
{
"id": "09d91ea0-7cb0-4786-b3fc-145fc88a1a3b",
"name": "foo",
"created": "2022-06-09T02:32:11Z",
"updated": "2022-06-09T20:08:43Z",
},
{
"id": "fb2b6454-4336-421a-bc2f-f1d588a78d12",
"name": "bar",
"created": "2022-10-05T06:23:24Z",
"updated": "2022-10-05T18:34:32Z",
}
]
Any help would be greatly appreciated.
Thanks.
When user ask or select option for "agent"/"chat with an agent" on google dialogflow chatbot then it should transfer the chat to LiveChat(https://www.livechat.com/) dashboard so that agent take over from chatbot.
To pass data into LiveChat from a page without LiveChat chat window installed on it,
you can use the following method from LiveChat API:
https://developers.livechat.com/docs/messaging/agent-chat-api#create-customer
to create a customer
afterwards, start a chat as that customer:
https://developers.livechat.com/docs/messaging/customer-chat-api#start-chat
once chat is started - you can submit events using this method:
https://developers.livechat.com/docs/messaging/customer-chat-api#send-event
for all of the above you'll need to provide authorization, please see below:
https://developers.livechat.com/docs/authorization/authorizing-api-calls
for authorization you'll need an account in LiveChat Developer Console:
https://developers.livechat.com/console/
In the Console you can also find contact to LiveChat Developer Community (Discord and email)
EDIT: here's how it looks like more hands on:
First thing we need to do is acquire authentication - in this case we want to act as a customer, there are a few ways to authenticate as customer - below are instructions regarding all the methods:
https://developers.livechat.com/docs/authorization/authorizing-api-calls#case-new-customer
I'll use Agent token grant method and acquire Customer access token by sending following curl:
curl --location --request POST 'https://accounts.livechat.com/customer/token' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer dal:xxxFpzmIHk5c86Zwn3uf2YunhGk' \
--data-raw '{
"grant_type": "agent_token",
"client_id": "3xxx45a50544060cedc26c90644f7677",
"response_type": "token",
"redirect_uri": "https://my.livechatinc.com"
}
'
And here's the response received:
{
"access_token": "dal:xxx-zH-fTOKYJsUolAKzow",
"client_id": "xxx145a50544060cedc26c90644f7677",
"entity_id": "xxx1d260-e284-44c0-53d2-3e958f74488a",
"expires_in": 28800,
"token_type": "Bearer"
}
Once customer access token is acquired we'll be looking to send the "start chat" method
This request requires a parameter called "organization_id" - that's an unique identifier of your account across all LiveChat Inc. products that's static so we'll need to only get it once,
you can get it by sending following curl:
curl --location --request GET 'https://api.livechatinc.com/v3.4/configuration/action/get_organization_id?license_id=1234567'
License ID required for the above can be found inside of your LiveChat tracking code here:
https://my.livechatinc.com/settings/code
Sending the request will provide you with "organization_id" in the response:
{
"organization_id": "xxx29b0e-012c-4384-9f72-614324ec0xxx"
}
Now that we have everything - we can start the chat:
curl --location --request POST 'https://api.livechatinc.com/v3.4/customer/action/start_chat?organization_id=xxx29b0e-012c-4384-9f72-614324ec0741' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer dal:xxx-zH-fTOKYJsUolAKzow' \
--data-raw '{}'
And the response looks like this:
{
"chat_id": "R5MUSNS1I5",
"thread_id": "R5MUSNS1J5"
}
chat_id property from the above response will be useful for sending events and resuming the chat should the visitor want to chat again in the future
To send a message we'll be using the "send_event" method, curl below:
curl --location --request POST 'https://api.livechatinc.com/v3.4/customer/action/send_event?organization_id=xxx29b0e-012c-4384-9f72-614324ec0741' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer dal:xxx-zH-fTOKYJsUolAKzow' \
--data-raw '{
"chat_id": "R5MUSNS1I5",
"event": {
"type": "message",
"text": "hello world",
"recipients": "all"
}
}'
And here's the result:
incoming chat
I hope that helps!
Since monday, I'm not able to use the lint CI API from gitlab, which is documented here https://docs.gitlab.com/ee/api/lint.html#validate-the-ci-yaml-configuration
I'm working on a self hosted gitlab, and we updated gitlab to the last version (13.8.4).
I've noticed that the documentation has changed between 13.8 and 13.9, they mentioned
Access to this endpoint requires authentication.
So I tried to generate a personal access token with full access (I'm admin), but I still get a 401.
Here is my try :
$ curl --header "Content-Type: application/json" --header "PRIVATE-TOKEN: P3r50Na1t0k3N" "https://my-domain.artips.fr/api/v4/ci/lint" --data '{"content": "{ \"image\": \"ruby:2.6\", \"services\": [\"postgres\"], \"before_script\": [\"bundle install\", \"bundle exec rake db:create\"], \"variables\": {\"DB_NAME\": \"postgres\"}, \"types\": [\"test\", \"deploy\", \"notify\"], \"rspec\": { \"script\": \"rake spec\", \"tags\": [\"ruby\", \"postgres\"], \"only\": [\"branches\"]}}"}'
# Result : {"message":"401 Unauthorized"}
# Other try
$ curl -X POST --header "Content-Type: application/json" --header "PRIVATE-TOKEN: P3r50Na1t0k3N" "https:///my-domain.artips.fr/api/v4/ci/lint" --data '{"content": "{ \"image\": \"ruby:2.6\", \"services\": [\"postgres\"], \"before_script\": [\"bundle install\", \"bundle exec rake db:create\"], \"variables\": {\"DB_NAME\": \"postgres\"}, \"types\": [\"test\", \"deploy\", \"notify\"], \"rspec\": { \"script\": \"rake spec\", \"tags\": [\"ruby\", \"postgres\"], \"only\": [\"branches\"]}}"}'
# same result: {"message":"401 Unauthorized"}
Has anyone run into the same problem ?
Thanks in advance
Takeshi
There is an ongoing issue regarding the CI Lint API endpoint. It seems that authentication for this endpoint doesn't work when "signing up" is disabled on on-premise Gitlab instance. I guess the issue will be fixed in future releases.
The user token's scope must grant read/write permission to yout gitlab instance's API (as you may see in the picture). The user hasn't to be admin.
import requests
import urllib.parse
from requests.auth import HTTPBasicAuth
url = 'https://gitlab.example.com/'
api = urllib.parse.urljoin(url, '/api/v4/projects')
private_token = 'xxx'
params = dict(private_token=private_token)
auth = HTTPBasicAuth('username', 'password') # username and password, different from login account, generally provided from ops
response = requests.get(api, params, auth=auth)
print(response)
print(response.json())
I am trying to integrate paypal payment gateway in my Node app in which i'm calling KillBill api provided for Paypal gateway in itsw documentation it is described that we will recieve a url in location header.
But on hitting it in postman i'm recieving html of that page instead of its url in Headers with key "location".
How to integrate it in node app so that if i make request to its url i get back the url of page to be redirected and can do anything i want.
KillBill docs link https://github.com/killbill/killbill-paypal-express-plugin
following is the api i'm using of paypal integration provided by kill bill
curl -v \
-X POST \
-u admin:password \
-H 'X-Killbill-ApiKey: bob' \
-H 'X-Killbill-ApiSecret: lazar' \
-H 'X-Killbill-CreatedBy: admin' \
-H 'Content-Type: application/json' \
-d '{
"kb_account_id": "13d26090-b8d7-11e2-9e96-0800200c9a66",
"currency": "USD",
"options": {
"return_url": "http://www.google.com/?q=SUCCESS",
"cancel_return_url": "http://www.google.com/?q=FAILURE",
"billing_agreement": {
"description": "Your subscription"
}
}
}' \
http://127.0.0.1:8080/plugins/killbill-paypal-express/1.0/setup-checkout
I have sort it some way i just converted that response html into a circular Json array and than found the URL of that html page in some index of that array as a key value pair of an object. Don't know that if it is a perfect solution but it works fine and according to my requirements.
I have created a IBM cloud Object storage service and i have created objects i.e image files in it.
I am looking for the steps to access the images as public URLs. I did some initial research and found there are cURL commands using swift Client to do this.
Reference links
How to access files in container in Object Storage Service in Bluemix? AND
Public URLs For Objects In Bluemix Object Storage Service
from the above links, it says the following steps
Set up the swift CLI . Can you link me the steps to set up Swift CLI ? ( the link in the reference link dosen't work anymore ).
2.Change the container ACL to read with following PUT request
curl -X PUT "https://dal.objectstorage.open.softlayer.com/v1/AUTH_123/mycontainer" \
-H "X-Auth-Token: token123" \
-H "X-Container-Read: .r:*"
But i am not sure what to input on X-Auth-Token header ? i have the following information from the service credentials of COS.
{
"apikey": "X7aDm6yu123123hXwqvq1231232HgOtIGeZiAOEg",
"endpoints": "https://cos-service.bluemix.net/endpoints",
"iam_apikey_description": "Auto generated apikey during resource-key operation for Instance - crn:v1:bluemix:public:cloud-object-storage:global:a/f9aabca54c702be8386b2a3f9815b4e4:d145a33e-e8b1-446f-a87d-69431eaec0b1::",
"iam_apikey_name": "auto-generated-apikey-bed16ed5-1373-47bc-b268-5e0f521bc802",
"iam_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Writer",
"iam_serviceid_crn": "crn:v1:bluemix:public:iam-identity::a/f9aabca54c702be8386b2a3f9815b4e4::serviceid:ServiceId-36c373a0-4bb9-4316-bc4b-86ea4c98dcd7",
"resource_instance_id": "crn:v1:bluemix:public:cloud-object-storage:global:a/f9aabca54c702be8386b2a3f9815b4e4:d145a33e-e8b1-446f-a87d-69431eaec0b1::"
}
Any help would be really appreciated. Thanks
The bearer token is from IAM.
https://console.bluemix.net/docs/services/cloud-object-storage/getting-started-cli.html#gather-key-information
See this doc on generating pre-signed urls (temporary).
https://console.bluemix.net/docs/services/cloud-object-storage/api-reference/api-reference-objects.html#object-operations
To do a one-off request like that, you can get oauth tokens from the command line using ibmcloud iam oauth-tokens. To specifically get an IAM Token, I use:
export IAM_TOKEN=`ibmcloud iam oauth-tokens | head -n 1 | awk ' {print $4} '`
Then follow that up with your cURL command:
curl -H "Authorization: Bearer $IAM_TOKEN" ...
An application should request tokens based on the apiKey as mentioned.
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'apikey=<your api key here>&grant_type=urn:ibm:params:oauth:grant-type:apikey' "https://iam.bluemix.net/identity/token"
Here's an example using NPM's request-promise:
const response = await rp({
url: 'https://iam.bluemix.net/identity/token',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
method: "POST",
body: `apikey=${apiKey}&grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey`,
json: true
});
const token = response.access_token;